Skip to main content

Trump hotels reportedly hit by second data breach in 12 months

trump tower cloudy
Andrew Seaman/Flickr
Donald Trump’s hotel empire has reportedly been hit by hackers for the second time in less than a year.

The upmarket chain is currently looking into a breach of its credit card systems, according to the usually reliable Brian Krebs, an online security specialist.

Krebs said on Monday he’d received a tip off about the apparent breach from three sources in the financial sector “who said they’ve noticed a pattern of fraud on customer credit cards which suggests that hackers have breached credit card systems at some – if not all – of the Trump Hotel Collection properties.”

The business, which is tied to presidential hopeful Donald Trump, told Krebs it’s “in the midst of a thorough investigation on this matter,” adding, “We are committed to safeguarding all guests’ personal information and will continue to do so vigilantly.”

If it turns out to be true, it’ll be a major embarrassment for the luxury chain, as just last October it revealed a similar attack that took place between May 2014 and June 2015. In that incident, malware was used to access some of its computers hosting front desk terminals and payment card terminals in its restaurants, gift shops, and other point-of-sale purchase locations.

Hotels affected by the breach included properties in Chicago, Honolulu, Las Vegas, Toronto, and Miami, with two premises in New York City also targeted.

In the last couple of years a slew of high-end hotels have been hit by hackers using malware to nab the personal information of customers using payment cards at point-of-sale systems.

The Hyatt group reported a breach last December, while a month earlier Hilton hotels revealed a malware intrusion that ran for 17 weeks before being discovered.

The Mandarin Oriental group, too, reported a similar hack on its computer systems that affected a number of its hotels around the world early last year.

If Trump’s hotel business confirms that its computer systems have indeed been the target of another attack, the response will involve measures such as removing the malware from its systems, contacting affected customers, offering compensation and ID-protection services if necessary, and contacting law enforcement about the matter.

Cybercriminals in possession of stolen credit card information often attempt to sell it on illicit hacking forums, with buyers using it to purchase goods online or withdraw money from bank accounts.

We’ll update if and when Trump hotels offers any information on the current suspected incident.

Editors' Recommendations